Category Archives: Linux

SELinux ACLs with Apache

A quick reminder to myself (and you, if you’ve come across my little site) to change the SELinux file context (label) on new files uploaded to be served by Apache (httpd) on CentOS.

Yesterday I linked to some Radeon drivers in my http://www.shernet.com/windows/ati-radeon-mobility-x1400-on-windows-10/ post.

However, the linked zip file was showing ‘Access Denied’ errors, despite the correct filesystem permissions.

I had forgotten to also label the file as something httpd is allowed to read, as far as SELinux on CentOS is concerned.

Without further ado, it simply took:

sudo chcon -v -t httpd_sys_content_t uploaded_file.ext
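The one-liner above changes the label on disk, but it does not change the policy's file-context database, so a later `restorecon` (or a full filesystem relabel) can silently put the old label back and the ‘Access Denied’ errors return. The script below is an added example, not part of the original post: it audits a web directory for files whose type httpd cannot read, applies the same `chcon` as above for an immediate fix, and then registers the path with `semanage fcontext` so the label survives. It assumes GNU coreutils (`stat -c %C` prints the SELinux context), the standard CentOS httpd content types, and uses `/var/www/html/uploads` as a placeholder path.

```shell
#!/bin/sh
# Added example (not from the original post). Audit and relabel files under
# an Apache DocumentRoot so that the httpd domain may read them.
# Assumptions: GNU stat/find, SELinux enabled, CentOS httpd policy types;
# the directory passed in is a placeholder chosen by the caller.

# selinux_type: print the type (3rd colon-separated field) of a context such
# as unconfined_u:object_r:user_home_t:s0 -> user_home_t
selinux_type() {
    printf '%s\n' "$1" | cut -d: -f3
}

# needs_relabel: exit 0 (true) when the context's type is NOT one of the
# httpd content types, i.e. Apache would be denied read access to the file.
needs_relabel() {
    case "$(selinux_type "$1")" in
        httpd_sys_content_t|httpd_sys_rw_content_t|httpd_sys_ra_content_t) return 1 ;;
        *) return 0 ;;
    esac
}

# audit_webroot DIR: print every regular file under DIR whose label httpd
# cannot read. `stat -c %C` is used instead of parsing `ls -Z`, whose column
# layout differs between coreutils versions.
audit_webroot() {
    find "$1" -type f -print | while IFS= read -r f; do
        ctx=$(stat -c '%C' "$f")
        if needs_relabel "$ctx"; then
            printf 'MISLABELED %s %s\n' "$ctx" "$f"
        fi
    done
}

# fix_webroot DIR: relabel DIR for httpd.
#  1. chcon   - immediate fix (what the post ran), but only on disk
#  2. semanage fcontext - records the mapping in the policy so restorecon
#     and future relabels keep it (needs policycoreutils-python on CentOS)
#  3. restorecon - applies the recorded mapping, verifying step 2 took effect
fix_webroot() {
    dir="$1"
    sudo chcon -R -v -t httpd_sys_content_t "$dir"
    sudo semanage fcontext -a -t httpd_sys_content_t "${dir}(/.*)?"
    sudo restorecon -Rv "$dir"
}

# Usage: ./selinux_webroot.sh audit /var/www/html/uploads
#        ./selinux_webroot.sh fix   /var/www/html/uploads
case "${1:-}" in
    audit) audit_webroot "$2" ;;
    fix)   fix_webroot "$2" ;;
esac
```

If a request is still denied after relabeling, `sudo ausearch -m avc -ts recent` shows the denial together with the source domain and the target label, which tells you whether the file, the directory above it, or a boolean (for example network access for a proxied backend) is the real problem.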


Removing Malware: Ubuntu and SCCM Endpoint Protection

I had a poor soul who was hit by encryption malware. It appears that the person was infected at home, which encrypted files on that person’s Dropbox account, which were then detected by SCCM Endpoint Protection on the company laptop.

To be safe, I wanted to make sure that the point of infection was in fact that home computer, and not a work laptop. However, I didn’t want to boot Windows, just in case.

Here’s what I did:

First I downloaded and booted a copy of the Ubuntu 14.04 LTS Live/Installation DVD.

Then I downloaded SCCM Endpoint Protection for Mac and Linux from the Microsoft Volume License Service Center.

(Hint: you won’t see the download separately in the product chooser. Choose the *entire* SCCM Endpoint Protection category, then it will appear as a separate download.)

The download will be an ISO containing the Mac and Linux clients as well as the documentation. I mounted the ISO and copied the relevant files to a flash drive (since the laptop DVD drive was in use by the Ubuntu Live DVD).

Copy scep.amd64.deb.bin (assuming you’re using 64-bit Ubuntu) from the Linux/[version] folder to the liveuser’s home directory. You will need to make the file executable by running:

chmod +x scep.amd64.deb.bin

Then extract the .deb file by running

./scep.amd64.deb.bin

and agreeing to the license agreement.

Next, I had to futz around a bit with 32-bit compatibility. In the end, this did the trick:

sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install lib32z1 lib32ncurses5 lib32bz2-1.0

You can now (at last) install the Endpoint Protection client by running

sudo dpkg -i scep-4.5.10.amd64.deb

Next came a quick configuration of the web interface.

sudo nano /etc/opt/microsoft/scep/scep.cfg

Edit the [wwwi] section.
Make sure you set

agent_enabled = yes
listen_addr = "0.0.0.0"
listen_port = port_of_your_choice (I used 8443)
username = "username_of_your_choice"
password = "password_of_your_choice"

Then restart the SCCM Endpoint Daemon

sudo /etc/init.d/scep restart

Make sure you’ve mounted the infected drive. It should appear in the left Launcher bar as a hard drive icon. Click the icon to mount it.

Browse to https://localhost:8443 from that machine.
Log in with the username and password that you set in the configuration file.

Click “Control” in the top menu then “Update” in the left-hand menu. Click the “Update” button to update the definitions.

Wait until it has finished updating. You can check the status by clicking “View” for the appropriate entry on that page.

Once the update is finished, click “On-Demand Scan” on the left nav bar.

Choose “In-depth Scan” from the dropdown menu.
Under “Scan Targets” enter:

/media/ubuntu

Then click “Scan files”


This will scan mounted drives including the mounted Windows drive.

To view the progress, click “View” next to the newly created job entry.

That’s it, happy malware removing!

-Adam
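Two details of the procedure above deserve a second look from an incident-response angle. First, `listen_addr = "0.0.0.0"` binds the scanner's web console to every interface of the live session, even though it is only ever browsed from `https://localhost:8443` on the same machine; binding it to loopback gives the same result without exposing a password-protected console to the LAN. Second, clicking the drive icon mounts the suspect volume read-write, so the live session (or the scanner's cleanup actions) can alter the evidence you are trying to examine; mounting it read-only from a terminal first preserves it. The script below is an added example, not part of the original post or of the SCEP product: it renders the `[wwwi]` section with the keys listed above, validates an existing `scep.cfg` (only the keys the post names; the config path is the one from the post), and mounts a partition read-only. `/dev/sdXN` and the mount point are placeholders.

```shell
#!/bin/sh
# Added example (not from the original post). Generate and check the [wwwi]
# section of scep.cfg, and mount a suspect volume read-only before scanning.
# Assumptions: the key names listed in the post; /dev/sdXN is a placeholder.

SCEP_CFG=/etc/opt/microsoft/scep/scep.cfg

# render_wwwi PORT USER PASS [BIND]: print a [wwwi] section. BIND defaults to
# 127.0.0.1 because the console is only used from the same machine; pass
# 0.0.0.0 to reproduce the post's setting.
render_wwwi() {
    printf '[wwwi]\n'
    printf 'agent_enabled = yes\n'
    printf 'listen_addr = "%s"\n' "${4:-127.0.0.1}"
    printf 'listen_port = %s\n' "$1"
    printf 'username = "%s"\n' "$2"
    printf 'password = "%s"\n' "$3"
}

# wwwi_value FILE KEY: print KEY's value from the [wwwi] section only (other
# sections are ignored), with surrounding quotes/whitespace stripped.
wwwi_value() {
    awk -v key="$2" '
        /^[ \t]*[#;]/ { next }
        /^[ \t]*\[/   { insect = ($0 ~ /^[ \t]*\[wwwi\]/); next }
        insect && index($0, "=") {
            k = substr($0, 1, index($0, "=") - 1); gsub(/[ \t]/, "", k)
            if (k == key) {
                v = substr($0, index($0, "=") + 1)
                gsub(/^[ \t"]+|[ \t"]+$/, "", v); print v; exit
            }
        }' "$1"
}

# check_wwwi FILE: exit 0 if the console is enabled, has a port and
# credentials, and listens on loopback only; otherwise report and exit 1.
check_wwwi() {
    f="$1"; rc=0
    [ "$(wwwi_value "$f" agent_enabled)" = "yes" ] || { echo "agent_enabled is not yes"; rc=1; }
    [ -n "$(wwwi_value "$f" listen_port)" ]        || { echo "listen_port is unset"; rc=1; }
    [ -n "$(wwwi_value "$f" username)" ] && [ -n "$(wwwi_value "$f" password)" ] \
        || { echo "username/password unset: console would be unauthenticated"; rc=1; }
    case "$(wwwi_value "$f" listen_addr)" in
        127.0.0.1|localhost|::1) ;;
        *) echo "listen_addr is not loopback: console reachable from the network"; rc=1 ;;
    esac
    return $rc
}

# mount_suspect_ro DEV MNT: mount the Windows partition read-only so the live
# session cannot modify it; noexec/nosuid/nodev keep anything on it inert.
mount_suspect_ro() {
    sudo mkdir -p "$2"
    sudo mount -o ro,noexec,nosuid,nodev "$1" "$2"
}

# Usage: ./scep_live.sh render 8443 user pass > wwwi.txt
#        ./scep_live.sh check [/etc/opt/microsoft/scep/scep.cfg]
#        ./scep_live.sh mount /dev/sdXN /media/suspect
case "${1:-}" in
    render) shift; render_wwwi "$@" ;;
    check)  check_wwwi "${2:-$SCEP_CFG}" ;;
    mount)  mount_suspect_ro "$2" "$3" ;;
esac
```

If you mount the volume this way instead of through the Launcher, point the “Scan Targets” field at your mount point (for example `/media/suspect`) rather than `/media/ubuntu`; everything else in the walkthrough stays the same.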

And on and on

Halcyon and On and On came on Pandora. Always fills me with nostalgia for my high school days running Mandrake Linux with a stripped down Enlightenment WM and listening to techno on XMMS.
So much so, I fired up the old Packard Bell Pentium 166 for a classic listening session. Oh memories.

Mandrake 6

Focus On Your Core Competencies

It’s something drilled into every MBA, day after day. It’s a simple mantra, but one easily forgotten as excitement around a project builds. I am always tempted to re-invent the wheel, just to see what kind of wheel I can come up with.

But, when you have a goal in mind, remember: you don’t need to roll your own JSON library, host your own Git repository, code a game engine from scratch. Keep it simple, and focus on what you do best.

PS: Also fight the urge to recode your Java app in C# because Visual Studio 2013 is all free now. Fight it. You can do it!

It couldn’t hurt to see how Mono runs in Centos these days though…